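<?php
/**
 * User management endpoint: registers, modifies or deletes one user record
 * in the tables that belong to the logged-in manager.
 *
 * Request parameters (read from $_REQUEST):
 *   reg     - required; compared against FLAG_REG, FLAG_CHANGE and FLAG_DEL.
 *   name    - required, non-empty; the username being acted on.
 *   groupid - required, non-empty for register/change; stored as `groupname`.
 *   alias   - optional; on change the stored alias is kept when omitted.
 *   remarks - optional; defaults to "".
 *   phone   - optional; stored in the `cardnum` column, defaults to "".
 *   xml     - optional; used to build the `modexml` / `playlistxml` names.
 *
 * Every request value that ends up in a WHERE / VALUES / SET clause is bound
 * through a prepared statement instead of being concatenated into the SQL
 * text. The file starts directly with the PHP open tag (no byte-order mark)
 * and has no closing tag, so nothing is emitted before session_start() sends
 * its headers.
 *
 * NOTE(review): values come from $_REQUEST, so state-changing actions
 * (including delete) can arrive via GET, and no anti-CSRF token is checked in
 * this file - confirm whether that is enforced elsewhere.
 */
session_start();
include "connectsql.php";

// Only a session flagged as "ceo" may manage users; the manager name selects the tables.
if (isset($_SESSION["ceo"]) && $_SESSION["ceo"] == true) {
	$manager = $_SESSION["manager"];
} else {
	die (ECHO_LOGIN_OVER_TIME);
}

// Reject array-valued parameters (e.g. name[]=x): they would otherwise be
// stringified as "Array" when used as identifiers or bound values.
foreach (['reg', 'name', 'alias', 'groupid', 'remarks', 'phone', 'xml'] as $field) {
	if (isset($_REQUEST[$field]) && !is_string($_REQUEST[$field])) {
		die (ECHO_ERROR);
	}
}

if (!isset($_REQUEST["reg"])) {
	die (ECHO_NO_REGFLAG);
}
$regflag = $_REQUEST["reg"];

if (!isset($_REQUEST['name']) || $_REQUEST['name'] === "") {
	die (ECHO_NO_INPUTNAME);
}
$username = $_REQUEST['name'];

// NOTE(review): $username is also passed to SetDB_LOG_TAB() and becomes part
// of a table identifier in the DROP TABLE / CREATE TABLE statements below.
// Identifiers cannot be bound as parameters, so SetDB_LOG_TAB() (defined
// outside this file) must validate or quote the name - confirm that it does,
// or restrict usernames to an allow-listed character set before this point.

if ($regflag == FLAG_DEL) {
	// Remove the user's row from the user table.
	$stmt = mysqli_prepare($link, "delete from ".SetDB_USER_TAB($manager)." where `username` = ?");
	if (!$stmt
		|| !mysqli_stmt_bind_param($stmt, "s", $username)
		|| !mysqli_stmt_execute($stmt)) {
		die (ECHO_MYSQL_ERROR_QUERY_TABLE_TO_DEL);
	}
	mysqli_stmt_close($stmt);

	// Remove the user's rows from the command table.
	$stmt = mysqli_prepare($link, "delete from ".SetDB_CMD_TAB($manager)." where `username` = ?");
	if (!$stmt
		|| !mysqli_stmt_bind_param($stmt, "s", $username)
		|| !mysqli_stmt_execute($stmt)) {
		die (ECHO_MYSQL_ERROR_QUERY_TABLE_TO_DEL);
	}
	mysqli_stmt_close($stmt);

	// Drop the per-user log table (identifier built by SetDB_LOG_TAB, see note above).
	$sql = "drop table if exists ".SetDB_LOG_TAB($manager, $username);
	mysqli_query($link, $sql) or die (ECHO_MYSQL_ERROR_DEL_TABLE);
	echo ECHO_OK;
	return;
} else if ($regflag == FLAG_REG || $regflag == FLAG_CHANGE) {
	// Look the user up: registration requires that no row exists, a change
	// requires exactly one. Only the two columns used below are selected.
	$stmt = mysqli_prepare($link, "select `alias`, `remarks` from ".SetDB_USER_TAB($manager)." where `username` = ?");
	if (!$stmt
		|| !mysqli_stmt_bind_param($stmt, "s", $username)
		|| !mysqli_stmt_execute($stmt)
		|| !mysqli_stmt_store_result($stmt)) {
		die (ECHO_MYSQL_ERROR_QUERY_TABLE_TO_FIND);
	}
	$num_rows = mysqli_stmt_num_rows($stmt);
	if ($regflag == FLAG_REG) {
		if ($num_rows != 0) {
			die (ECHO_EXIST_USER);
		}
	} else if ($regflag == FLAG_CHANGE) {
		if ($num_rows != 1) {
			die (ECHO_ERROR);
		}
		// Load the stored values so they can serve as defaults for the update.
		mysqli_stmt_bind_result($stmt, $alias, $remarks);
		mysqli_stmt_fetch($stmt);
	}
	mysqli_stmt_free_result($stmt);
	mysqli_stmt_close($stmt);
} else {
	die (ECHO_NO_REGFLAG);
}

// Alias: a supplied value wins; on register it defaults to "", on change the
// value loaded from the existing row is kept.
if (isset($_REQUEST['alias'])) {
	$alias = $_REQUEST['alias'];
} else if ($regflag == FLAG_REG) {
	$alias = "";
}

if (!isset($_REQUEST['groupid']) || $_REQUEST['groupid'] === "") {
	die (ECHO_NO_INPUTGROUP);
}
$groupname = $_REQUEST['groupid'];

// NOTE(review): unlike alias, an omitted "remarks" (and "phone") resets the
// stored value to "" on change, even though the existing remarks were loaded
// above. Behaviour kept as in the original - confirm whether it is intended.
$remarks = isset($_REQUEST['remarks']) ? $_REQUEST['remarks'] : "";
$phone = isset($_REQUEST['phone']) ? $_REQUEST['phone'] : "";

// NOTE(review): "xml" is request-controlled and becomes part of the stored
// mode/playlist file names. If those names are later used as filesystem
// paths, restrict the value to the expected format - confirm with the consumers.
if (isset($_REQUEST['xml'])) {
	$xml = $_REQUEST['xml'];
	$modexml = "mode".$xml.".xml";
	$playlistxml = "playlist".$xml.".xml";
} else {
	$modexml = "";
	$playlistxml = "";
}

// The original carried a disabled "set names gbk" query here; the connection
// charset is presumably configured in connectsql.php - TODO confirm.
if ($regflag == FLAG_REG) {
	$stmt = mysqli_prepare($link, "insert into ".SetDB_USER_TAB($manager)." (`username`,`alias`,`groupname`,`remarks`,`cardnum`,`modexml`,`playlistxml`) values (?,?,?,?,?,?,?)");
	if (!$stmt
		|| !mysqli_stmt_bind_param($stmt, "sssssss", $username, $alias, $groupname, $remarks, $phone, $modexml, $playlistxml)
		|| !mysqli_stmt_execute($stmt)) {
		die (ECHO_MYSQL_ERROR_QUERY_TABLE_TO_INSERT);
	}
	mysqli_stmt_close($stmt);

	// Create the per-user log table (identifier built by SetDB_LOG_TAB, see note above).
	$sql = "create table if not exists ".SetDB_LOG_TAB($manager, $username)."(
		id int unsigned auto_increment primary key,
		`time` bigint,
		`type` varchar(2),
		`name` varchar(256))";
	mysqli_query($link, $sql) or die(ECHO_MYSQL_ERROR_CREATE_TABLE);
	echo ECHO_OK;
} else if ($regflag == FLAG_CHANGE) {
	// Update the stored record of the existing user.
	$stmt = mysqli_prepare($link, "update ".SetDB_USER_TAB($manager)." set `alias` = ?, `groupname` = ?, `remarks` = ?, `cardnum` = ? where `username` = ?");
	if (!$stmt
		|| !mysqli_stmt_bind_param($stmt, "sssss", $alias, $groupname, $remarks, $phone, $username)
		|| !mysqli_stmt_execute($stmt)) {
		die (ECHO_MYSQL_ERROR_QUERY_TABLE_TO_CHANGE);
	}
	mysqli_stmt_close($stmt);
	echo ECHO_OK;
}
mysqli_close($link);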